package net.xyuu.web;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.acls.domain.BasePermission;
import org.springframework.security.acls.domain.ObjectIdentityImpl;
import org.springframework.security.acls.domain.PrincipalSid;
import org.springframework.security.acls.model.MutableAcl;
import org.springframework.security.acls.model.MutableAclService;
import org.springframework.security.acls.model.ObjectIdentity;
import org.springframework.security.acls.model.Sid;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.GetMapping;

import net.xyuu.entity.User;

public class PermissionResource {

	/**
	 * spring security 取用户
	 * 
	 * http://www.baeldung.com/get-user-in-spring-security
	 * 
	 * acl 文档相关
	 * 
	 * http://lengyun3566.iteye.com/blog/1330815
	 * http://blog.csdn.net/zhanshenyn/article/details/7024327
	 * http://haohaoxuexi.iteye.com/blog/2269021
	 */

	@Autowired
	private MutableAclService aclService;

	@GetMapping("/permission")
	public String save() {
		ObjectIdentity oi = new ObjectIdentityImpl(User.class, 1);
		MutableAcl acl = (MutableAcl) aclService.readAclById(oi);
		Sid sid = new PrincipalSid(SecurityContextHolder.getContext().getAuthentication());
		acl.insertAce(acl.getEntries().size(), BasePermission.CREATE, sid, true);
		aclService.updateAcl(acl);
		return "";
	}
}
